YoVDO

Next-Generation of Exploit Kit Detection by Building Simulated Obfuscators

Offered By: Black Hat via YouTube

Tags

Black Hat Courses, Cybersecurity Courses, Reverse Engineering Courses, Malware Detection Courses, Exploit Kits Courses

Course Description

Overview

Explore the next generation of exploit kit detection through the construction of simulated obfuscators in this Black Hat conference talk. Delve into the world of drive-by download attacks and the role of exploit kits in malware delivery. Learn about the key obfuscation techniques used to evade firewall detection and the limitations of current research approaches. Discover how rebuilding obfuscators for six notorious exploit kit families can benefit cybersecurity research. Examine the design and implementation of these simulated obfuscators, their evaluation process, and the insights gained from generating a vast array of samples. Investigate the evolution of obfuscators within each exploit kit family and explore potential predictions for future variations. Challenge current variation naming conventions and consider a new approach based on actual obfuscator changes. Gain valuable knowledge on the amplification effect of obfuscator modifications on obfuscated pages and its implications for cybersecurity.

Syllabus

Introduction
Welcome
Background
Website
Obstacle Page
Previous research
Scheduling application
Reverse engineering
In the real world
Data complicity
High-level picture
Normalization
Rotation
Color Structure
Similarity
Stream Crossing
Hierarchical Crossmark
Passive Threshold
Analysis
Life Cycle
New Version
Angular is Poor Kid
Application Engine Change
Conclusion
Outro


Taught by

Black Hat

Related Courses

Introducción al Análisis del Malware en Windows
National Technological University – Buenos Aires Regional Faculty via Miríadax
The Complete Cyber Security Course : End Point Protection!
Udemy
Máster en Seguridad Informática. Curso completo de Hacking.
Udemy
Network Analysis with Arkime
Pluralsight
Configuring Firepower Threat Defense (FTD) Integrations
Pluralsight